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AMENDMENTS 

The following listing of Claims will replace all prior versions and listing of claims 
in the application. 

1. (currently amended) A method for providing a first network resource operating 
on a first network device access to a second network resource operating on a second 
network device , comprising: 

from a third network device, locating a profile using profile data obtained from a 
client device, the profile containing data for identifying and for accessing the second 
network resource; 

from the third network device, supplying the profile to the second network 
resource; 

from the third network device, receiving, from the second network resource, 
temporary credentials for accessing the second network resource and generated 
according to the profile; and 

from the third network device, providing the first network resource with the 
temporary credentials so that the first network resource can provide the second network 
resource with the temporary credentials to access and interact with the second network 
resource on behalf of the client device. 

2. (original) The method of Claim 1 t further comprising the act of invalidating the 
temporary credentials following a termination event 

3. (original) The method of Claim 2, wherein the termination event involves the 
lapse of a set time period. 

4. (previously presented) The method of Claim 2, wherein the termination event 
involves the first network resource accessing the second network resource. 
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5. (currently amended) The method of Claim 1 , wherein the temporary 
credentials that provide the first network resource with limited access to the second 
network resource. 

6. (currently amended) A method for enabling an application server to access a 
data sen/ice, the application server operating on a first network device and the data 
service operating on a second network device, the methodr comprising: 

the application server instructing a client device to provide profile data to an 
identification service operating on a third network device , the identification service 
having access to one or more profiles used to access one or more data services 
including the data service operating on the second network device , the profile data 
identifying a particular profile; 

the identification service locating the particular profile using the profile data 
received from a the client device, the profile containing data for identifying and for 
accessing the data service; 

the identification service providing the profile to the data service; 

the data service generating temporary credentials for accessing the data service 
identified by the particular profile; and 

the application server obtaining the temporary credentials and providing the data 
service with the temporary credentials to access and interact with the data service on 
behalf of the client device . 

7. (currently amended) The method of Claim 6 f wherein the act of instructing the 
client device includes providing a user interface that includes instructions to send profile 
data to the identification service, and sending the interface to the client device . 

8. (currently amended) The method of Claim 6, wherein the act of instructing the 
client device comprises redirecting the client device to the identification service. 

9. (original) The method of Claim 6, further comprising the act of invalidating the 
temporary credentials following a termination event 
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10. (original) The method of Claim 6, wherein the act of generating temporary 
credentials comprises generating temporary credentials that provide limited access to 
the data service. 

11. (previously presented) The method of Claim 6 f further comprising the 
application server generating a framed web page having a first frame and a second 
frame, and providing, for the first frame, content for directing an application, and 
providing, for the second frame, content for selecting one or more electronic files 
managed by the data service identified by the particular profile, 

12. (currently amended) The method of Claim 11, further comprises the client 
device sending a cookie identifying the particular profile upon opening the framed web 
page. 

13. (currently amended) The method of Claim 11, wherein the act of generating 
an interface includes generating an interface that includes instructions to request a web 
bug from the identification service, the method further comprising the client device 
requesting the web bug, the request including a cookie identifying the particular profile. 

14. (currently amended) A method for enabling an application server to access a 
data service, the application server operating on a first network device and the data 
service operating on a second network device, the methodr comprising: 

the application server receiving, from a client device , a request to direct an 
application; 

the application server instructing the client device to provide profile data to an 
identification service operating on a third network device , the identification service 
having access to one or more profiles for identifying and accessing one or more data 
services, the profile data identifying a particular profile; 
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the identification service providing the data service with the particular profile 
identified by the profile data, the profile containing data for identifying and accessing the 
data service; 

the data service using the profile to generate temporary credentials for accessing 
the data service; and 

the application server providing the data service with the temporary credentials to 
access and interact with the data service on behalf of the client device . 

15. (currently amended) The method of Claim 14, wherein the act of instructing 
the client device includes generating a user interface that includes instruction to send 
profile data to the identification service, and sending the interface to the client device. 

16. (currently amended) The method of Claim 14, wherein the act of instructing 
the client device comprises redirecting the client device to the identification sen/ice. 

17. (original) The method of Claim 14, further comprising the act of invalidating 
the temporary credentials following a termination event. 

18. (previously presented) The method of Claim 14, wherein the act of using the 
profile to generate temporary credentials comprises generating temporary credentials 
that provide limited access to the data service. 

19. (previously presented) The method of Claim 14, further comprising the 
application server generating a framed web page having a first frame and a second 
frame, the method further comprising providing, for the first frame, content for directing 
an application, and providing, for the second frame, content for selecting one or more 
electronic files managed by the data service identified by the particular profile. 

20. (previously presented) The method of Claim 19 f wherein the act of 
generating the framed web page includes generating a framed web page that includes 
instructions to request a web bug from the identification service, and wherein the act 
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instructing the client device includes the client device requesting the web bug upon 
opening the framed web page, the request including a cookie identifying the particular 
profile. 

21. (currently amended) A computer readable medium having instructions for: 
from a third network device, locating a profile using profile data obtained from a 

client device, the profile containing data for Identifying and for accessing the a second 
network resource operating on a second network device. ; 

f romjhejh ird_network device, supplying the profile to the second network 
resource; 

at the third network device receiving, from the second network resource, 
temporary credentials for accessing the second network resource and generated 
according to the profile; and 

from the third netwQrk_deyice, providing the a first network resource operating on 
a first network device with the temporary credentials so that the first network resource 
can provide the second network resource with the temporary credentials to access and 
interact with the second network resource on behalf of the client device. 

22. (original) The medium of Claim 21, further having instructions for invalidating 
the temporary credentials following a termination event 

23. (original) The medium of Claim 22, wherein the termination event involves 
the lapse of a set period of time. 

24. (original) The medium of Claim 22, wherein the termination event involves 
the first server accessing the second server. 

25. (original) The medium of Claim 21 , wherein temporary credentials provide 
limited access to the second server network resource . 
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26. (currently amended) A computer readable medium having instructions for: 
from a first network device, instructing a client device to provide profile data to an 

identification service operating on a third network device , the identification service 
having access to one or more profiles used to access one or more data services, the 
profile data identifying a particular profile; 

from the third network device, locating the particular profile using the profile data 
obtained from the client device , the profile containing data for identifying and for 
accessing athe data service operating on a second_network device : 

from the second network device, generating temporary credentials for accessing 
the data service identified by the particular profile; and 

from the first network_device, providing the data service with the temporary 
credentials to access and interact with the data service on behalf of the client device . 

27. (currently amended) The medium of Claim 26, wherein the instructions for 
instructing the clien t device include instructions for generating a user interface that 
includes instruction to send profile data to the identification sen/ice, and sending the 
interface to the client device . 

28. (currently amended) The medium of Claim 26, wherein the instructions for 
instructing the client device comprise instructions for redirecting the client device to the 
identification service. 

29. (previously presented) The medium of Claim 26, wherein the instructions for 
generating temporary credentials comprise instructions for generating temporary 
credentials that provide limited access to the data service. 

30. (previously presented) The medium of Claim 26, having further instructions 
for generating a framed web page having a first frame and a second frame and 
providing, for the first frame, content for directing an application, and providing, for the 
second frame, content for selecting one or more electronic files managed by the 
accessed data service. 

S/N: 10/085,971 

7 Case: 10013820-1 

Response to Office Action 



PAGE 1 1/31 1 RCVD AT 1012012005 5:06:32 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-6/25 * DNIS:2738300 * CSID:208 433 9295 * DURATION (mm-ss):07-22 



OCT-20-2005CTHU) 15:06 



Ormiston & McKinney 



(FAX)208 433 9295 



P. 012/031 



31. (original) The medium of Claim 30, wherein the instructions for generating 
the framed web page include instructions for generating a framed web page that 
includes instructions to request a web bug from the identification service, the request to 
include a cookie identifying the particular profile. 

32. (currently amended) A computer readable medium having instructions for 
from a third network device, generating an interface having user accessible 

controls for creating a profile for accessing a data service operating on a second 
network device : 

from the third network device, creating a profile according to selections made 
through the interface the profile containing data for identifying and accessing the data 
service; 

from the third network device, providing a client device with profile data 
identifying a created profile; 

upon receiving profile data, retrieving a profile identified by the profile data 
received; 

generating temporary credentials for accessing the data service identified by the 
retrieved profile; and 

providing an application serve r operating on a first network device with the 
temporary credentials for accessing and interacting with the data service on behalf of 
the client device. 

33. (previously presented) The medium of Claim 32, further comprising 
instructions for invalidating the temporary credentials following a termination event. 

34. (previously presented) The medium of Claim 33, wherein the termination 
event involves the lapse of a set time period. 

35. (previously presented) The medium of Claim 33, wherein the termination 
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36. (previously presented) The medium of Claim 32, wherein the instructions for 
generating temporary credentials comprise instructions for generating temporary 
credentials that provide limited access to the data service. 

37. (previously presented) The medium of Claim 32, wherein the instructions for 
providing a client device with profile data comprise instructions for generating a cookie 
containing data identifying the created profile and instructing a web browser operating 
on the client device to save the cookie. 

38. (currently amended) A computer readable medium having instructions for: 
generating , at a third network device, a profile interface having user accessible 

controls for creating a profile for locating and accessing a data service operating on a 
second network device : 

from the third network device, creating a profile according to selections made 
through the profile interface, the profile containing data for identifying and accessing the 
data service; 

from the third network device, providing a client device with profile data 
identifying a created profile; 

receiving , at a first network device, a request to access an application; 
from the first network device, instructing a client device to send profile data; 
receiving the profile data at the third network device : 

from the third network device, retrieving a profile identified by the profile data; 

generating , at the second network device, temporary credentials for accessing a 
data service identified by the retrieved profile; and 

from the first network device, providing the data service with the temporary 
credentials to access and interact with the data service on behalf of the client device . 

39. (currently amended) The medium of Claim 38, wherein the instructions for 
instructing the client device include instructions for generating a user interface that 
includes instruction to send profile data, and sending the interface to the client device , 
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40. (currently amended) The medium of Claim 38, wherein the instructions for 
instructing the client device comprise instructions for redirecting the client device . 

41 . (original) The medium of Claim 38, wherein the instructions for generating 
temporary credentials comprise instructions for generating temporary credentials that 
provide limited access to the data service. 

42. (previously presented) The medium of Claim 38, having further instructions 
for generating a framed web page having a first frame and a second frame, the medium 
having further instructions for providing, for the first frame, content for directing the 
application, and providing, for the second frame, content for selecting one or more 
electronic files managed by the accessed data service. 

43. (currently amended) The medium of Claim 42, wherein the instructions for 
providing a client device with profile data comprise instructions for providing the client 
device with a cookie, and wherein the instructions for generating the framed web page 
include instructions for generating a framed web page that includes instructions to 
request a web bug from the identification service, the request to include the cookie. 

44. (currently amended) A system for providing a first network resource operating 
on a first network device serve f with access to a second network resource operating on 
a second network device sewer, comprising: an identification service operating on a 
third network device, the identification service in network communication with a 
credential module, the credential module operating on the second network device and 
operable to use a profile acquired by the identification service to generate temporary 
credentials for accessing the second n etwork resource s e rver , the identification service 
being operable to receive profile data from a client device , to acquire a profile identified 
by the profile data, and - to - provido4 h e - fir s t -se rv e r with th e t e mporary cr e d e ntial s 



sen/ice , together being operable to provide the first s e rv e r network resource with the 
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temporary credentials enabling the first network resource sefvef to provide the second 
network resource s e rv e r with the temporary credentials to access and interact with the 
second network resource sewep on behalf of the client device . 

45. (original) The system of Claim 44, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

46. (original) The system of Claim 45, wherein the termination event involves the 
lapse of a set time period. 

47. (original) The system of Claim 45, wherein the termination event involves the 
first server accessing the second server. 

48. (currently amended) The system of Claim 44, wherein the credential module 
is further operable to generate temporary credentials that provide limited access to the 
second network resource s e rv e r . 

49. (currently amended) A system for accessing a data service operating on a 
second network device comprising: 

an identification servrce ^operating on a third network device, operable to receive 
profile data from a client device identifying a particular profile and to provide that profile, 
the profile to contain electronic data used to identify the data service; 

a credential module , operating on the second network device, operable to obtain 
the profile from the identification service, generate temporary credentials, and map 
those credentials to the data service identified by the profile; and 

an application serve r,_operating on a first network device, operable to serve an 
interface containing instructions to send profile data to the identification service, to 
obtain the temporary credentials, and to provide the data service with the temporary 
credentials to access and interact with the data service on behalf of the client device. 



S/N: 10/085,971 
Case: 10013820-1 
Response to Office Action 



11 



PAGE 15/31 * RCVD AT 10/20/2005 5:06:32 PM [Eastern Daylight Time] * SVR:USPTO-EFXRF-6/25 * DNIS:2738300 ^ CSID:208 433 9295 * DURATION (mm-ss):07-22 



OGT-20-2005(THU) 15:07 Ormiston & McKinney 



(FAX)208 433 9295 



P. 016/031 



50. (original) The system of Claim 49, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

51. (original) The system of Claim 49, further comprising: 

an application content provider in communication with the application server and 
operable to generate content for directing an application; and 

a data content provider in communication with the application server and 
operable to generate content for selecting electronic files managed by the accessed 
data service. 

52. (original) The system of Claim 51 , wherein the application server is operable 
to create the interface in the form of a framed web page having a first frame for 
displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
service, the request to include the profile data. 

53. (original) The system of Claim 51, further comprising a web browser operable 
to request and display the interface in the form of the framed web page and to request 
the web bug providing the profile data to the identification service. 

54. (currently amended) A system for accessing a data service operating on a 
second network device, the system comprising: 

an identification service operating on a third network device and operable to 
generate a profile interface having user accessible controls for creating a profile 
containing electronic data used to identify the data service, to create a profile using 
selections made through the profile interface, to issue instructions to store profile data 
used to access the created profile, to receive, from a client device , profile data 
identifying a particular profile, and to provide that profile; 
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a credential module operable to obtain the profile from the identification service, 
generate temporary credentials, and map those credentials to the data service 
identified by the profile; and 

an application server operating on a first network device and operable to serve 
an application interface that includes instructions to send profile data to the 
identification service, to obtain the temporary credentials, and to provide the data 
service with the temporary credentials to access and interact with the data service on 
behalf of the client device . 

55. (original) The system of Claim 54, wherein the credential module is further 
operable to invalidate the temporary credentials following a termination event. 

56. (original) The system of Claim 54, further comprising: 

an application content provider in communication with the application server and 
operable to generate application content for directing an application; and 

a data content provider in communication with the application server and 
operable to generate data content for selecting electronic files managed by the 
accessed data service. 

57. (original) The system of Claim 56, wherein the application server is operable 
to create the application interface in the form of a framed web page having a first frame 
for displaying the content generated by the application content provider and a second 
frame for displaying the content generated by the data content provider, the framed 
web page also including instructions to request a web bug from the identification 
sen/ice, the request to include the profile data. 

58. (original) The system of Claim 54, further comprising a browser operable to 
request and display the profile and application interfaces. 
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59. currently amended) A system far accessing data, comprising: 

a means for generating a profile interface having user accessible controls for 

creating a profile containing electronic data used to identify a particular data service 

operating on a second network device : 

a means for creating a profile using selections made through the profile 

interface; 

a means for issuing instructions to store profile data used to access the created 

profile; 

a means for receiving, from a client device, profile data identifying a particular 

profile; 

a means for providing the particular profile; 
a means for generating temporary credentials; 

a means for mapping the temporary credentials to the data service identified by 
the provided profile; 

a means for serving an application interface that includes instructions to send 
profile data to the an identification service operating on a third network device ; 

a means for providing , from a first network device, the data service with the 
temporary credentials to access and interact with the data service on behalf of the client 
devicer : and 

a means for invalidating the temporary credentials. 



10/085.971 
Case: 10013820-1 
Response to Office Action 



14 



PAGE 18/31 * RCVD AT 10/20/2005 5:06:32 PM pastern Daylight Time] * SVR:USPTO-EFXRF-6/25 * DN1S:2738300 1 CSID:208 433 9295 * DURATION (mm-ss):07-22 



